Quality Assuring the MSI
Quality assuring a Windows Installer package requires careful handling and a hawk eye. Every company is different and has different rules, but below are most of the important things you should look for when you are testing the package.
Naming Standards | |
MSI name format | Your company standard, for example ProductName-ProductVersion-Architecture-ReleaseNR.msi |
MST name format | Your company standard, for example ProductName-ProductVersion-Architecture-ReleaseNR.mst |
Summary Information | |
ProductName | Your company standard, for example [ProductName] [Product Version] |
Title | Your company standard, for example [ProductName] [Product Version] [Release NR] |
Subject | Your company standard, usually empty |
Author | Your company standard |
Comments | Your company standard |
Keywords | Installer,MSI,Database |
Properties | |
ALLUSERS | 1 |
ARPNOMODIFY | 0 - If 1 document why necessary |
ARPNOREMOVE | 0 - If 1 document why necessary |
ARPNOREPAIR | 0 - If 1 document why necessary |
REBOOT | ReallySuppress |
ROOTDRIVE | C:\ |
ISCHECKFORPRODUCTUPDATES | Remove property |
MSIDISABLERMRESTART | 0 |
MSIRMSHUTDOWN | 2 |
MSIRESTARTMANAGERCONTROL | Disable |
ARPSYSTEMCOMPONENT | If used, it needs to be documented. |
File/Folder checks | |
Ensure that files installing to System32 or any common folder are Reference Counted | Check the log file to determine if any of the folders listed need to be shared. |
No unnecessary File/Folder entries. | No unnecessary entries. |
Registrychecks | |
Inspecting Registry for any unnecessary entries. Most should be included in the Exclusion List | No unnecessary entries. |
Other checks | |
Shortcut placement Start Menu\Programs\<application name> or directly in Start Menu Check for unnecessary shortcuts. e.g. Product Registration / Readme / Vendor URL. Also, make sure no quick launch or non standard location shortcuts exist unless specified in the approved discovery document. | Your company standard. In any case (capture, MST, silent), shortcut locations remain just as the vendor places them (default). Only in rare cases where the customer asks for a different Start Menu structure this is modified |
No references to network drives i.e. “H:\”. | Check with a table search in your MSI editor. |
Ensure there are no unused directory table entries | Delete any unused directories in directory table |
Media table | • Ensure there are no unused entries • LastSequence value should not be larger than the greatest Sequence value from the File table. |
If ActiveSetup is used and a new release of a package is created (e.g. to fix an issue), then ensure the “Version” string value in the registry is incremented. | HKLM\SOFTWARE\Microsoft\Active Setup\Installed Components\[ProductCode] Version=X,X Note: Do not use decimal points in versions within ActiveSetup keys as they are ignored. |
If ActiveSetup is used, check to see if it needs removal | In most cases, at uninstall, the Active Setup keys should be deleted (from HKCU). |
Custom Action Check | Check if all the custom actions are correctly placed and function correctly. |
Installation | |
Ensure that these Device Drivers are managed correctly within the package. | |
Install any prerequisites as documented. | |
Install a previous version of the application and check if the current package upgrades the previous package | |
Log on as Administrator and install the application under the SYSTEM context (psexec -s) ensuring that core applications are ran during the process, if integration is required (Do not run the application as an admin user). After installation, DELETE THE SOURCE MEDIA (MSI, MST, ENTIRE FOLDER) FROM WHERE THE PACKAGE HAS BEEN INSTALLED TO CHECK IF THE PACKAGE REQUIRES MEDIA DURING SELF-HEALING. Use the installation command line. Ensure pop ups / messages during installation are consistent with the wanted behavior. Reboot / Log off and on if required by the installation i.e. check for ActiveSetup. | |
Launch all shortcuts as the locked down user. | |
Test functionality of the application as a locked down user. Ensure no popups / EULA / first use / product registration dialogs. Check auto updates disabled in the user interface. Ensure the functionality meets all requirements. | |
Check that ODBC entries have been created on the machine. | |
Check that services have been installed on the machine. | |
Check services path(s) for vulnerabilities. | |
Confirm that environment variables have been applied correctly. | |
Check installation logs to verify the installation was successful. | |
Check permissions are set correctly | |
Check Firewall rules | |
Check Control Panel applet(s) (if any). | |
Ensure there are no errors / unexpected repairs after reboot. | |
Revert to a clean build. Repeat the installation tests above after installing and removing the previous version. (only if previous version exists) | |
Repair | |
Simulate repair | Remove a keypath and then launch the application. Check if the removed item has been restored. Check if the package size has not ballooned which would indicate a problem with payload dropping during repair. Check application functionality. |
MSI repair | Check user based components (e.g. User Profile files) are created during the repair and that no unnecessary repair happens on subsequent launches. |
ActiveSetup | ActiveSetup should only be used if: a) standard MSI repair cannot be used e.g. Unadvertised shortcut. Or b) it is part of the MSI design |
Uninstall | |
Login as Administrator and Uninstall packages running under the SYSTEM context (psexec -s) using the command line. making sure that all components that should be uninstalled are uninstalled. Ensure that core applications are launched if an integration is required by the application. (Use the installation command line from the package build document.) Ensure pop ups / messages during removal are consistent with the needed behavior. Ensure all running processes are closed and removed (i.e. taskbar items). | |
Reboot (if applicable) after uninstall. | Check system state is as expected. |
Ensure that all shortcuts have been removed | |
Ensure the application folder is removed. | |
Ensure services are removed. | |
Ensure ODBC entries/drivers are removed (if applicable). | |
Check environment variables are removed. The path variable should be checked to ensure that the whole path variable has not been removed. | |
Registry - application specific keys removal. | Depending on the nature of the package, check if the application specific registry keys have all been removed. |
Installation directory removal | Check that the INSTALLDIR has been removed. If not possible, it should be documented. |
Firewall rules removal check. | |
Control Panel applets removal check. | |
Check file associations are correctly removed or reverted (if shared). | |
Review the event log errors and warnings, ensure none exist that imply a packaging issue exists. | |
Check Uninstall logs to verify Uninstall was successful. | |